How to avoid turning your smartphone into a spyware zoo

Sometimes even a completely innocent-looking site with a good reputation can be harmful – criminals may find and exploit a vulnerability in it. For example, they can use the site for drive-by attacks, causing each visitor to download a file automatically (and unwittingly) as soon as they get to the site. Case in point: Android users interested in current events in the Middle East are at risk of getting a whole menagerie – ZooPark spyware – on their phones.

Kaspersky Lab has been following this malware since 2015, and the malware has learned a plethora of new tricks since then. The current, fourth version of this Trojan can steal almost any information from your smartphone, from contacts to call logs and info you enter by keyboard. Here is the list of data that ZooPark can collect and send to its owners:

Contacts

User account information

Call history

Call audio recordings

Text messages

Bookmarks and browser history

Browser search history

Device location

Device information

Information on installed apps

Any files from the memory card

Documents stored on the device

Information entered using the on-screen keyboard

Clipboard information

App-stored data (for example, data from messaging apps such as Telegram, WhatsApp, and imo, or the Chrome browser)

In addition, ZooPark can take screenshots and photos, and record videos on command. For example, it can take a picture of the phone’s owner from the front camera and send it to its command center.

Malware beasts and where to find them

ZooPark Trojan spyware is used for targeted attacks — in other words, it’s not sent out randomly to ensnare just anyone; it aims for a specific audience. As we said, the criminals behind ZooPark target those who are interested in specific topics — in this case, Middle Eastern politics.

ZooPark spreads by two main channels: drive-by downloads and Telegram. In the latter case, for example, criminals used a Telegram channel to offer an app for voting on the Kurdistan independence referendum.

Malefactors also hack some Web resources that are popular in certain countries or circles, making visitors automatically download an infected app that looks like something useful — for example, an official app for the news resource. Finally, in some cases, the malware pretends to be an “all-in-one” messenger. For more details about the technical aspects of ZooPark, see the post on Securelist.

Don’t buy a zoo

To avoid falling prey to this kind of dangerous spyware, remember a few important rules that will help make your virtual life safer:

Download apps only from trusted sources. Even better, use your device settings to disable the ability to install programs from third-party stores.

Update your operating system and important apps as updates become available. Many security issues can be solved by installing updated versions of software.
